Ask HN: What's the best company to buy an SSL certificate from?
There was an Ask HN thread [1] from nearly three years ago that asked the same question, and a variety of answers were provided. On the one hand, there's the "don't spend more than x" on a certificate, and there's the flip side of "get a green bar, it's worth it".
The specifics:
- site is running atop Magento 1.9 on LAMP, payments processed offsite by Braintree (i.e., no credit card details stored on the website) - initially 1x IP address, hosted from a UK data centre - static components may be served from a non-www subdomain (i.e., static.example.com) in future, which may be the same or different IP address
My questions:
1. Who's worth shortlisting in 2014? 2. If you consider yourself a security-aware shopper, would you be dissuaded from purchasing from a site with standard (`non-green`, if you will) SSL?
Thank you in advance.
[1] https://news.ycombinator.com/item?id=3556796
88 comments
[ 4.5 ms ] story [ 495 ms ] thread2. Yes.
2. Yes.
2. No
One great feature is the unlimited SAN feature with the wildcards. You can secure multiple levels for free, amazing support, fast validation, etc.
They are on the high end with Symantec though, price wise.
Disclaimer: DigiCert affiliate
I think the whole certificate business is a rip-off, the only thing that 'green bar/lock icon/whatever' says is that someone at some point in time was able to pay some low dollar amount, but not who, what amount and if they're trustworthy in any way.
I've dealt with their support people a few times as well, and agree that they are fantastic.
2. Yes
2 Years wildcard for $59.90
Heck for $99 you can buy a Comodo "EssentialSSL" wildcard, which grants you unlimited re-issue (plus you don't have to deal with StartSSL's terrible UI):
https://comodosslstore.com/essentialssl-wildcard.aspx
They retain the records for seven years though. Why preserve the documents at all after validation is complete for non-EV certs? Seems like it creates an unreasonable liability given that data breaches happen. They will also not say how the records are secured. When I inquired, they simply said "We obviously can't provide any technical details about our security measures, but the documents are secure." While I can understand the need to maintain operational security, disclosing whether documents are stored encrypted or not should not violate this security.
The lack of openness, combined with the charge for cert re-issuance made me look elsewhere. When the heartbleed vulnerability hit and I had to regenerate certs, I was very happy to have chosen a different CA.
If you need a cheap wildcard cert you can get a two year wildcard AlphaSSL cert from garrisonhost for $79 without the pain of dealing with StartSSL.
http://www.garrisonhost.com/ssl-certificates/alphassl.html
I'll give them some credit though for successfully using client certificates for login purposes. Sure it has some obvious drawbacks (if they only issue you one login keypair, losing it locks you out of your account) and some real benefits. It's interesting to say the least, and impressive to see working too.
I'd like to see that sort of login method offered at least as an option on more websites, even consumer stuff like Gmail and Facebook, but especially other SSL providers, seems like a natural fit.
As a login method it works automatically without any user interruption, every browser seems to support it, even my iPhone, and the enrollment process for securely generating a new key on the users machine and installing their certificate in the browser for them can clearly be 100% automated by the website itself (that's what StartSSL does), so that removes almost all the pain points for even non-technical users.
Oh and it makes automatic website login via smartcards possible too, should you choose to develop an obsession with them like I have :)
/tangent
You get the exact same level of security from EV and non-EV certs. The whole "extended validation" criteria is pretty handwavy and varies from CA to CA. Paying more for that warm, fuzzy feeling isn't worth it.
The faster the web moves away from SHA-1 the better, and rewarding companies that are already abstaining from SHA-1 contributes to our collective security, in the case of HTTPS.
You should also do it for purely selfish reasons. Chrome is sunsetting SHA-1 for use in certificate signatures, and Chrome will eventually show SHA-1 certificates as insecure. See the link below.
http://googleonlinesecurity.blogspot.se/2014/09/gradually-su...
Referring specifically to this point, and not to your wider point about moving away from SHA-1, "because one browser maker said so" is rarely a good reason to do anything.
Google has an irritating habit of deciding it knows best for the entire world, but often it gets that call wrong and winds up degrading the experience for people who aren't in its chosen group of blessed users. The Firefox team are similarly arrogant at times.
However, in the real world, large organisations also use browsers to access intranet sites, and their requirements -- particularly with regards to security -- may be different to users surfing the public Web. Developers do need to do things with sites that aren't fully configured yet or are in transition from one system to another even if those things might not be a good idea when surfing the public Web. And so on.
So, I urge you to support good practices by making solid technical arguments for them. For example, in this case you could explain or link to information about why the SHA-1 issue matters for those who don't know. Please don't promote browser makers as authoritative sources of best practices instead, because often they aren't.
For example, instead of saying "it's a good idea to do this because Google will show scary messages", it would be more helpful to link to a site with a test tool and explanatory information about the underlying issue, such as this one:
https://shaaaaaaaaaaaaa.com/
So if you do go for an EV cert, go for the one that has the best listed uptime on it's CRL or OCSP servers.
Having said that, I would never spend more than $10 on a cert, and just use the most standard/common "bundled" CA cert. No one will ever know. It will have faster page loads. And those fake stories that EV certs increase conversions are exactly that, fake, and misleading. No one will real world experience has ever claimed to see a positive difference with EV certs.
The only problem with cheaper certs is you have to bundle the intermediary CA certs...
http://www.devside.net/wamp-server/installing-comodo-positiv...
It's important to answer in the context of the question.
http://uptime.netcraft.com/perf/reports/performance/OCSP
How is the above bad advice, and not answering the context of the question? What other possible qualification is there for "best" EV certs? They are all "green bar". There is little else to them except price differences.
His customers are going to want a responsive page load time, none of them are going to pull the certificate to make sure he went with a DigiCert EV instead of a GeoTrust EV.
Having worked with thousands of business in ecommerce I can guarantee you that a large percentage will want their name to appear "like PayPal and Citibank".
Our homepage is https://certly.io, shoot me an email at ian@certly.io
How are you able to offer EV certificates so cheaply? I thought they were typically ~$1000.
They retail at $300 typically but resellers pay dirt for them.
Our goal is to improve the way you buy your SSL/code signing/SMIME certificates. We have agreements with every large authority to give the buyer the best price for each product. We hope to take on VC funding to build our own root authority.
I'm open to working with others, shoot me an email @ ian@certly.io
Should your certificate provider do something stupid you can switch to a new provider in 30 minutes, assuming you don't pick EV.
The EV certificates look good, but that's about it. They do come with at least two disadvantages:
1. If your company name is different from the domain name it's going to look weird. We dropped having a EV because we're not interested in having the name of our parent/holding company in the address bar.
2. If you later switch back to a regular SSL certificate is going to look suspicious to your regular customers.
That being said, we use Trustzone (http://www.trustzone.com). They provide GlobalSign SSL certificates at a reasonable price. I like that they email us, or call if we don't react, a few months before our certificates expire. We also have our own account manager who helps with new certificates and renewals. It's extremely nice just be able to call someone.
[1] https://www.ssl2buy.com/ssl-discount-offers
2. No. An EV cert is nice little warm fuzzies, but the absence of it doesn't really tell me anything useful that would dissuade me from making a purchase.
EV certs are supposed to communicate certainty[1] to typical web users about identity, confidentiality, and integrity. But, if I understand correctly, obtaining EV certs in someone else's name (or something close enough to fool web users) is possible without great cost, and so that message of high security is misleading. If EV certs were believed by end users, wouldn't we merely be creating a social engineering security hole? Competent thieves also would use EV certs and increase trust in their websites too.
Thankfully, I've never met an end user without technical knowledge who understood what an EV cert was. I do know what they are and I don't trust them more than regular certs (which is not much for identity, but I do as protection against low-cost confidentiality and integrity attacks).
[1] Re: "certainty": I know EV certs are supposed to be more secure and not perfectly secure, and that there is no perfect or 'certain' security. However, few end users understand the latter, and of the ones that do few would take the time to learn the degree of increased security EV provides. We shouldn't say, 'trust the green bar' unless we expect people to do it.
Here's what I know, which is not conclusive but possibly persuasive, and as I say below, I've never seen someone call the checks effective: 1) In my experience obtaining regular certs, the identity verification looked ineffective (though I wasn't trying to fool anyone). 2) Regarding both EV and regular certs, I've read several times about ineffectiveness of the verification, and I've never seen someone say otherwise. 3) Finally, effective verification is hard and manually intensive; it's hard to believe it's economical or practical for the large volume of certs issued.
I will say there are very few maliciously issued EV certificates.
> CAs make >$30-40 per certificate and validation takes max 30 minutes spread out over a day or two (typically).
$30-40 isn't much, and 30 minutes doesn't seem nearly sufficient to reliably verify someone's identity.
> I will say there are very few maliciously issued EV certificates.
How do we know? And is there a lower fraud rate for EV certs than for standard certs? (Probably there is little fraud in any set of business transactions -- otherwise nobody would participate -- but I don't think that's what you mean.)
> 30 minutes doesn't seem nearly sufficient to reliably verify someone's identity.
It's actually not that long of a process once you read over the CPS's of a few CAs and the EV baseline.
> How do we know? Ah, the golden question! Hopefully CT (certificate transparency) will sort this out within the next 3 years. My statement is an assumption but any high level fraud (e.g. Google/MSFT) is caught immediately (chrome pinning/reporting and internal CA logs, if you're not DigiNotar). I don't know about small companies though.
I don't think there's ever been a maliciously issued EV cert in the context of the ComodoHacker and other very public hacks. They typically have tighter internal controls, that I know (e.g. RAs have very limited EV issuance power) but I have no numbers. :(
You should note that EV implies DV validation, so to, without hacking, maliciously issue a certificate an attacker would probably settle for a DV cert.
As a baseline, it is fairly difficult now to receive a certificate for any well known company, charity or government entity. For example, even a standard non EV request for something like 'C1tybank.com' would be flagged for manual review and rejected.
EV cert requests just up the amount, types and means of communication that must be done which (hopefully) raises costs more for phishers attempting to setup hundreds of scam sites than legit purchasers.
Regarding EV certs, they're not worth the extra money and inconvenience. They provide no additional security, and the assurance they provide visitors is highly questionable (e.g. see shiftpgdn's comment about how switching to a non-EV cert resulted in absolutely no change in order metrics: https://news.ycombinator.com/item?id=8344666).
Standard: $15.95/year
Wildcard: $149.95/year
But thanks for the feedback; I'll make this more prominent.
Here's a visual comparison I put together:
https://www.expeditedssl.com/pages/visual-security-browser-s...
How you feel about this probably centers around whether you view SSL more as a cryptographic means of securing a connection (stopping traffic snooping) or if you view the SSL+Browser iconography as a means of site identification (stopping phishing attacks).
3. 2. 1. Go!
FF, and chrome and IE are totally ok with login/pass passing in clear over http, which is wrong. But when you don't have a certificate signed with by one of the root certificate in your wallet it screams to death. (Which is totally in hierarchy of risk WTF).
Your wallet contains organization that should have been shut down according to the rules of SSL: we normally cannot trust any authority that even once or for good reasons emitted a joker certificate to make a MITM (or helped people doing so). https://news.ycombinator.com/item?id=2138565
In your web browser default certificates list you find microsoft. in 2007, they put in IE for the Ben Ali gvt a special certificate to be able to do a MITM on the tunisian opponents. (ofc those using ff would see a warning).
MS did not emit the certificate, but for them who can issue SSL certificates that's clear not right to provide a SSL joker root certificate in its web browser used for MITM (without your nice little icon you care about to get red).
MS is still in my list of trustful SSL certificates. How can you trust them. If they could betray once for a few money (tunisia had less money as a state than MS, google, whatever country) they have incentive to redo it again.
Knowing MS has gone through the death penalty, other SSL issuers can now have an incentive to do the same.
SSL central certificate are NOT to be trusted anymore. We have proofed once a company in our "trustfull" wallets betrayed without consequence. So betraying is OK.
My recommandations: - Ever dane (but that is a combinat) or the new technology google is secretly working on (maybe mozilla too), - set a cookie on http landing page ssl_cert_on=bool - if not present redirect to http://www/my_cert - give a link to your self signed certificate on your domain so that your user add it its wallet securely (must be a js or a MIME extension to set so that IE/FF/google open at the "add this certificate to your wallet page" - correct the world and FF/Chrome/IE mess by providing a way for the user to read the mess of the X509 certificate (for which domain this cert is valid, the fingerprint) - correct the world another time by explaining to your customers it is normal they should not trust this special web page or this certificate and give them links for them to check your allegation, (knowledge and tools) - provide another secured way to access your cert fingerprint (DNS SEC TXT record for instance, snail mails, flying carrier, PGP mails...) - and make a rant on how much security UI/UX is so much sucking and poorly thought that it is the major security hole nowadays and how all security guru giving us advice on how to code to "secure" code should be regarded as cons that should be imprisoned.
Then, now that you corrected the whole "what gone wrong with central authoriy"'s mess, you can very easily make your free self signed cert secure certificates and sleep on your 2 ears because your customers are now understanding security the right way.
If you understood nothing of the text above, just buy a normal certificate to whoever you want. You will be "safe" according to the green icon, and this is all that matters in the real world.